package com.irdstudio.apicenter.gateway.security.auth;

import java.math.BigInteger;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Collections;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;

import javax.servlet.http.HttpServletRequest;

import com.irdstudio.apicenter.gateway.core.MaccsConstant;
import com.irdstudio.apicenter.gateway.util.crypt.CryptUtils;

public class AuthManager {
	public static boolean debug_mode = MaccsConstant.Client_debug_mode;

	public final static int CLIENT_OK = 0;//
	public final static int UNKNOWN_CLIENT = 1;
	public final static int INVALID_PASSWORD = 2;

	public final static int INVALID_REQUEST = 3;
	public final static int DECRYPT_FAIL = 4;
	public final static String CLIENT_SESSION= "ClientSession";
	private static Map<String, ClientInfo> clientMap = Collections
			.synchronizedMap(new HashMap<String, ClientInfo>());
	private static OtpAuthority otpAuthority = new SimpleOtpAuthority();

	// 客户端请求接入
	public static void initClient(String did, String ip,String random,HttpServletRequest request) {
		if (!((SimpleOtpAuthority) otpAuthority).hello(did, random)) {
			return;
		}
		ClientInfo c = new ClientInfo();
		c.setDid(did);
		c.setIp(ip);
		c.setClientInitKey(random);
		request.getSession().setAttribute(CLIENT_SESSION, c);
//		clientMap.put(did, c);
	}

	// 客户端身份校验
	public static int validClient(String did, String random) {
		return otpAuthority.authorizeRequest(did, random);
	}

	// 客户端请求基本检测
	// 交易请求的基本校验，校验URL是否合法
	// 完成，未联调
	public static int basicCheck(String did, String encodeMsg,String url,HttpServletRequest request) {
		if (debug_mode)
			return CLIENT_OK;
		// encodeMsg:did:random:
		if (did == null || "".equals(did) || (MaccsConstant.safeCheckList.indexOf(url)!=-1&&( encodeMsg == null
				|| "".equals(encodeMsg))) )
			return INVALID_REQUEST;
//		ClientInfo c = clientMap.get(did);
		ClientInfo c=getClientInfo(request);
		if (c == null || c.getToken() == null) {
			return UNKNOWN_CLIENT;
		}
       
		if (MaccsConstant.safeCheckList.indexOf(url) != -1) {
			byte[] srcBytes = CryptUtils.decrypt(c.getToken().getBytes(),
					encodeMsg.getBytes());
			if (srcBytes == null
					|| (srcBytes != null && !(new String(srcBytes)
							.startsWith(did)))) {
				return DECRYPT_FAIL;
			}
			if (!c.request(encodeMsg)) {
				return INVALID_REQUEST;
			}
		}
		
		return CLIENT_OK;
	}

	public static ClientInfo getClientInfo(HttpServletRequest request) {
//		return clientMap.get(did);
		ClientInfo c=(ClientInfo)request.getSession().getAttribute(CLIENT_SESSION);
//		System.out.println("jsessionid:"+request.getSession().getId());
		return c;
	}

	public static String genToken() {

		try {
			String value = "t" + new Date().getTime();
			MessageDigest md = MessageDigest.getInstance("MD5");
			md.update(value.getBytes(), 0, value.length());
			return "" + new BigInteger(1, md.digest()).toString(16);
		} catch (NoSuchAlgorithmException e) {
			// TODO Auto-generated catch block
			e.printStackTrace();
		}
		return String.valueOf(new Date().getTime());
	}
}
